package com.example.demo.controller;
/*
 * @Desc 
 * @author 蔡超
 * @date 2018/9/25 10:53
 */

import org.apache.catalina.security.SecurityUtil;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.crypto.hash.SimpleHash;
import org.apache.shiro.subject.Subject;
import org.apache.shiro.util.ByteSource;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;

import javax.servlet.http.HttpServletRequest;

@RestController
public class LoginController {

    @RequestMapping(value = "/login")
    public String doLogin(HttpServletRequest request){
        String userName = request.getParameter("userName");
        String password = request.getParameter("password");

        String salt = "salt-code";
        password = new SimpleHash("md5",  password, ByteSource.Util.bytes(salt), 2).toHex();
        Subject subject = SecurityUtils.getSubject();
        UsernamePasswordToken usernamePasswordToken = new UsernamePasswordToken(userName,password);
        try {
            subject.login(usernamePasswordToken);
        } catch (AuthenticationException e) {
            usernamePasswordToken.clear();
            return "FALSE";
        }
        return "SUCCESS";
    }

}
